Vulnerability Policy timeline:
We handle every report of vulnerability with care.
What You Can Expect
When we receive a report of a possible vulnerability through the EPOS Trust Centre, this is what the sender can expect regarding getting an answer:
- Initial acknowledgement after 5 days max
- Status after 4 weeks
- Resolution answer after 80 days
The triage of these reports will be done by our Vigilance Evaluation Board, using our internal Procedure called G-600 Vigilance.
The board has a system of vigilance that evaluate the vulnerabilities reports that come in.
They are scored on two parameters 1) Severity of thread & 2) Likelihood of the vulnerability being used.
For More Information
Please also contact us, if you want to hear more about the way we perform this triage, and how the Vigilance Board operates. This could be in the event of a Request for Proposals etc.